| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20161103225435.GA3298@jasmine>
Date: Thu, 3 Nov 2016 18:54:35 -0400
From: Leo Famulari <leo@...ulari.name>
To: oss-security@...ts.openwall.com
Cc: fulldisclosure@...lists.org, dickey@...isible-island.net,
cve-assign@...re.org
Subject: Re: [FD] [oss-security] CVE request:Lynx invalid URL parsing with
'?'
On Thu, Nov 03, 2016 at 05:58:14PM +0800, redrain root wrote:
> I can't find any bugtracker in lynx ,so i will disclose by this mail and
> sent to the author dickey@...isible-island.net.
>
> redrain (rootredrain@...il.com)
> Date:2016-11-03
> Version: 2.8.8pre.4、2.8.9dev.8 and earlier
FYI, as far as I can tell, this bug is present in 2.8.9dev.9 as well.
Download attachment "signature.asc" of type "application/pgp-signature" (802 bytes)
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists